how vulnerable is "hidden-encrypt-to"

Jean-David Beyer jeandavid8 at
Sat Aug 18 05:12:25 CEST 2012

Hash: SHA1

Hauke Laging wrote:
> Am Fr 17.08.2012, 21:05:32 schrieb auto15963931:
>> In the example
>> of yours it appears as though the message was encrypted to two different
>> keys, one of which was hidden and the other not. Is that right?
> That is right. --hidden-encrypt-to needs other recipients. But you may use 
> ‑‑throw-keyids or --hidden-recipient instead.
>> Incidentally, when I looked at your reply and noticed it was signed, I
>> tried verifying the signature.
>> Why is the signature failing? Thanks.
> That's a bug in my MUA which is triggered by the email being encoded as ascii:
> This bug (or rather: problem) has been discovered here on the list – it occurs 
> almost only in English emails. I have added a non-ASCII char to my text 
> signature thus forcing a charset different from ascii. Thus the signature of 
> this email should be OK.


OpenPGP Security Info

UNTRUSTED Good signature from Hauke Laging <mailinglisten at>
Key ID: 0x3A403251 / Signed on: 08/17/2012 10:24 PM
Key fingerprint: D44C 6A5B 71B0 427C CED3 025C BD7D 6D27 ECCB 5814

- --
  .~.  Jean-David Beyer          Registered Linux User 85642.
  /V\  PGP-Key:3EDBB65E 9A2FC99A Registered Machine   241939.
 /( )\ Shrewsbury, New Jersey
 ^^-^^ 23:10:01 up 30 days, 3:11, 3 users, load average: 4.42, 4.42, 4.43
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with CentOS -


More information about the Gnupg-users mailing list